Sometimes my PC doesn't load the desktop, what should I do?

User | Registered: 28.03.12 | Last login: 25.04.16 | Posts: 58 | Topics: 10 | Location: Košice
Posted: 08.12.2012 11:25

Most of the time my notebook starts normally, but sometimes the desktop behaves as it normally does, it seems to be loading, but it never loads completely. Then nothing can be done, I can't even type in a process, I just have to restart, and after that it starts up fine. Where is the problem?







_________________
ASUS N55 SL \ GPU - NVIDIA GeForce GT 635m \ CPU - Intel(R) Core(TM) i5 - 2450M 2.50 GHz \ RAM - 4 GB \ Windows 7 Home Premium 64 - bit
User | Registered: 15.10.11 | Last login: 28.02.18 | Posts: 374 | Topics: 60 | Location: Banska Byst...
Posted: 08.12.2012 14:34

Reinstall Windows and it's fixed :) and if not, then it will be a hardware fault.


User | Registered: 09.05.11 | Last login: 20.12.18 | Posts: 618 | Topics: 2
Posted: 08.12.2012 18:54

Post a log from RSIT: http://en.kioskea.net/download/download-11416-rsit


User | Registered: 28.03.12 | Last login: 25.04.16 | Posts: 58 | Topics: 10 | Location: Košice
Posted by topic author: 16.12.2012 12:54

Thanks for the advice :)







User | Registered: 09.05.11 | Last login: 20.12.18 | Posts: 618 | Topics: 2
Posted: 16.12.2012 13:01

OK, follow the instructions.


User | Registered: 28.03.12 | Last login: 25.04.16 | Posts: 58 | Topics: 10 | Location: Košice
Posted by topic author: 17.12.2012 0:15

And how do I know what I'm supposed to post here? There's a lot of it and I don't know whether a spoiler can be used here... or?

I don't know my way around very well yet.







User | Registered: 09.05.11 | Last login: 20.12.18 | Posts: 618 | Topics: 2
Posted: 17.12.2012 14:44

You should post the log from RSIT. When you run RSIT, click Continue and the log will be generated. You'll have the log in C:rsit; attach the log here.


User | Registered: 28.03.12 | Last login: 25.04.16 | Posts: 58 | Topics: 10 | Location: Košice
Posted by topic author: 18.12.2012 15:55

I understood that I'm supposed to post the log here, I just didn't know whether it's normal to post the whole thing here... whether that's a problem, and whether there isn't some kind of spoiler here.



    Logfile of random's system information tool 1.09 (written by random/random)
    Run by Wahiro at 2012-12-17 00:11:29
    Microsoft Windows 7 Home Premium Service Pack 1
    System drive C: has 30 GB (15%) free of 200 GB
    Total RAM: 4000 MB (41% free)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 0:11:38, on 17. 12. 2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
    C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
    C:\Windows\SysWOW64\ACEngSvr.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    C:\Program Files (x86)\ASUS\ASUS SonicMaster\SonicMasterTray.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
    C:\Users\Wahiro\Downloads\RSIT.exe
    C:\Program Files (x86)\trend micro\Wahiro.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si= ... e&tid=2996
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si= ... e&tid=2996
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
    O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
    O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
    O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
    O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
    O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\ASUS SonicMaster\SonicMasterTray.exe
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Deamon tools\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files (x86)\WebcamMax\WebcamMax.exe" -a
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-21-1217127451-1472613876-3005742002-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
    O4 - HKUS\S-1-5-21-1217127451-1472613876-3005742002-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
    O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
    O4 - Global Startup: GamePark klient 2.lnk = D:\Action\GamePark2\gpcl.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = D:\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
    O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll,C:\Windows\SysWOW64\nvinit.dll
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: AFBAgent - ASUSTeK Computer Inc. - C:\Program Files\ASUS\Fast Boot\FBAgent.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
    O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Tune Up\TuneUpUtilitiesService64.exe
    O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 13601 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Adobe Flash Player Updater.job

    =========Mozilla firefox=========

    ProfilePath - C:\Users\Wahiro\AppData\Roaming\Mozilla\Firefox\Profiles\51dpd3gv.default

    prefs.js - "browser.search.useDBForOrder" - false
    prefs.js - "browser.startup.homepage" - "http://search.certified-toolbar.com?si=41460&home=true&tid=2996"
    prefs.js - "keyword.URL" - "http://search.certified-toolbar.com?si=41460&tid=2996&bs=true&q="

    "{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox
    "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
    "Description"=Adobe® Flash® Player 11.5.502.135 Plugin
    "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
    "Description"=
    "Path"=C:\Windows\system32\Wat\npWatWeb.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
    "Description"=Ag Player Plugin
    "Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
    "Description"=WLPG Install MIME type
    "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
    "Description"=WLPG Install MIME type
    "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
    "Description"=This plugin detects and launches Pando Media Booster
    "Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\ZEON/PDF,version=2.0]
    "Description"=
    "Path"=C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll

    C:\Program Files (x86)\Mozilla Firefox\extensions\
    ffxtlbr@babylon.com
    {972ce4c6-7e08-4474-a285-3208198ce6fd}

    C:\Program Files (x86)\Mozilla Firefox\components\
    binary.manifest
    browsercomps.dll

    C:\Program Files (x86)\Mozilla Firefox\searchplugins\
    amazondotcom.xml
    avg-secure-search.xml
    babylon.xml
    bing.xml
    eBay.xml
    google.xml
    twitter.xml
    Web Search.xml
    wikipedia.xml
    yahoo.xml

    C:\Users\Wahiro\AppData\Roaming\Mozilla\Firefox\Profiles\51dpd3gv.default\searchplugins\
    Web Search.xml

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
    avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
    Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2012-05-16 194928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {98889811-442D-49dd-99D7-DC866BE87DBC}
    {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-10-19 3331312]
    "ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [2011-07-29 737104]
    "ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-21 5716608]
    "ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
    "HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
    "Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2011-09-13 2317312]
    "RemoteControl10"=C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [2011-03-30 87336]
    "UpdatePSTShortCut"=C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2011-10-12 222504]
    "SonicMasterTray"=C:\Program Files (x86)\ASUS\ASUS SonicMaster\SonicMasterTray.exe [2010-07-09 984400]
    "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
    "DAEMON Tools Lite"=D:\Deamon tools\DAEMON Tools Lite\DTLite.exe [2012-01-24 3478336]
    "WebcamMaxAutoRun"=C:\Program Files (x86)\WebcamMax\WebcamMax.exe [2010-08-03 6043888]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
    GamePark klient 2.lnk - D:\Action\GamePark2\gpcl.exe
    WinZip Quick Pick.lnk - D:\WinZip\WZQKPICK.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"="c:\windows\syswow64\nvinit.dll,C:\Windows\SysWOW64\nvinit.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"=credssp.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "ConsentPromptBehaviorAdmin"=5
    "ConsentPromptBehaviorUser"=3
    "EnableUIADesktopToggle"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoActiveDesktop"=1
    "NoActiveDesktopChanges"=1
    "ForceActiveDesktopOn"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\backitup.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccleaner64.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cdspeed.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\coverdes.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drivespeed.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dtlite.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infotool.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\liveupdate.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoxmled.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mstore.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nero.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nerohome.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neromediahome.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nerostartsmart.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nerovision.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outlook.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\photosnap.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\photosnapviewer.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerpnt.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\recode.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setupx.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\showtime.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\soundtrax.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sptdinst-x64.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uninst.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\waveedit.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webcammax.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winword.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winzip32.exe]
    "Debugger=""D:\Tune Up\TUAutoReactivator64.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
    "vidc.mrle"=msrle32.dll
    "vidc.msvc"=msvidc32.dll
    "msacm.imaadpcm"=imaadp32.acm
    "msacm.msg711"=msg711.acm
    "msacm.msgsm610"=msgsm32.acm
    "msacm.msadpcm"=msadp32.acm
    "midimapper"=midimap.dll
    "wavemapper"=msacm32.drv
    "vidc.uyvy"=msyuv.dll
    "vidc.yuy2"=msyuv.dll
    "vidc.yvyu"=msyuv.dll
    "vidc.iyuv"=iyuv_32.dll
    "vidc.i420"=iyuv_32.dll
    "vidc.yvu9"=tsbyuv.dll
    "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
    "vidc.cvid"=iccvid.dll
    "msacm.siren"=sirenacm.dll
    "wave1"=wdmaud.drv
    "midi1"=wdmaud.drv
    "mixer1"=wdmaud.drv
    "wave2"=wdmaud.drv
    "midi2"=wdmaud.drv
    "mixer2"=wdmaud.drv
    "msacm.l3codecp"=l3codecp.acm
    "vidc.VP60"=vp6vfw.dll
    "vidc.VP61"=vp6vfw.dll
    "vidc.VP62"=vp6vfw.dll
    "wave"=wdmaud.drv
    "midi"=wdmaud.drv
    "mixer"=wdmaud.drv
    "aux"=wdmaud.drv
    "VIDC.FPS1"=frapsvid.dll
    "msacm.lhacm"=lhacm.acm
    "msacm.vorbis"=vorbis.acm

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 month======

    2012-12-17 00:11:29 ----D---- C:\rsit
    2012-12-17 00:11:29 ----D---- C:\Program Files (x86)\trend micro
    2012-12-13 00:03:20 ----A---- C:\Windows\SysWOW64\vbscript.dll
    2012-12-13 00:03:20 ----A---- C:\Windows\SysWOW64\mshtmled.dll
    2012-12-13 00:03:19 ----A---- C:\Windows\SysWOW64\ieui.dll
    2012-12-13 00:03:18 ----A---- C:\Windows\SysWOW64\url.dll
    2012-12-13 00:03:18 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
    2012-12-13 00:03:17 ----A---- C:\Windows\SysWOW64\urlmon.dll
    2012-12-13 00:03:15 ----A---- C:\Windows\SysWOW64\msfeeds.dll
    2012-12-13 00:03:14 ----A---- C:\Windows\SysWOW64\wininet.dll
    2012-12-13 00:03:13 ----A---- C:\Windows\SysWOW64\jscript9.dll
    2012-12-13 00:03:13 ----A---- C:\Windows\SysWOW64\jscript.dll
    2012-12-13 00:03:12 ----A---- C:\Windows\SysWOW64\iertutil.dll
    2012-12-13 00:03:11 ----A---- C:\Windows\SysWOW64\jsproxy.dll
    2012-12-13 00:03:09 ----A---- C:\Windows\SysWOW64\mshtml.dll
    2012-12-13 00:03:05 ----A---- C:\Windows\SysWOW64\ieframe.dll
    2012-12-12 12:58:40 ----A---- C:\Windows\SysWOW64\tzres.dll
    2012-12-12 12:58:31 ----A---- C:\Windows\SysWOW64\atmlib.dll
    2012-12-12 12:58:31 ----A---- C:\Windows\SysWOW64\atmfd.dll
    2012-12-12 12:58:20 ----A---- C:\Windows\SysWOW64\KernelBase.dll
    2012-12-12 12:58:20 ----A---- C:\Windows\SysWOW64\kernel32.dll
    2012-12-12 12:58:18 ----A---- C:\Windows\SysWOW64\setup16.exe
    2012-12-12 12:58:16 ----A---- C:\Windows\SysWOW64\wow32.dll
    2012-12-12 12:58:16 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
    2012-12-12 12:58:13 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2012-12-12 12:58:13 ----A---- C:\Windows\SysWOW64\instnm.exe
    2012-12-12 12:58:11 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2012-12-12 12:58:11 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2012-12-12 12:58:10 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2012-12-12 12:58:10 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2012-12-12 12:58:10 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2012-12-12 12:58:08 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2012-12-12 12:58:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2012-12-12 12:58:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2012-12-12 12:58:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2012-12-12 12:58:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2012-12-12 12:58:06 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2012-12-12 12:58:06 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2012-12-12 12:58:06 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2012-12-12 12:58:06 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2012-12-12 12:58:06 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2012-12-12 12:58:05 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2012-12-12 12:58:05 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2012-12-12 12:58:05 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2012-12-12 12:58:04 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2012-12-12 12:58:04 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2012-12-12 12:58:03 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2012-12-12 12:58:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2012-12-12 12:58:01 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2012-12-12 12:58:01 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2012-12-12 12:58:01 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2012-12-12 12:57:57 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2012-12-12 12:57:57 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2012-12-12 12:57:50 ----A---- C:\Windows\SysWOW64\user.exe
    2012-12-12 12:57:38 ----A---- C:\Windows\SysWOW64\dpnet.dll
    2012-12-06 15:37:56 ----D---- C:\Program Files (x86)\Mozilla Firefox
    2012-12-04 22:45:45 ----D---- C:\Program Files (x86)\AGEIA Technologies
    2012-12-04 22:41:41 ----A---- C:\Windows\SysWOW64\nvcompiler.dll
    2012-12-04 22:41:40 ----A---- C:\Windows\SysWOW64\nvopencl.dll
    2012-12-04 22:41:40 ----A---- C:\Windows\SysWOW64\nvoglv32.dll
    2012-12-04 22:41:40 ----A---- C:\Windows\SysWOW64\nvcuvenc.dll
    2012-12-04 22:41:40 ----A---- C:\Windows\SysWOW64\nvcuda.dll
    2012-12-04 22:41:37 ----A---- C:\Windows\SysWOW64\nvwgf2um.dll
    2012-12-04 22:41:37 ----A---- C:\Windows\SysWOW64\nvd3dum.dll
    2012-12-04 22:41:37 ----A---- C:\Windows\SysWOW64\nvcuvid.dll
    2012-12-02 14:45:57 ----D---- C:\Program Files (x86)\Protected Search
    2012-12-02 14:45:49 ----A---- C:\Windows\Launcher.exe
    2012-12-02 14:45:47 ----A---- C:\SetSearchAndHomepageInBrowserLog.txt
    2012-12-02 14:45:34 ----D---- C:\Program Files (x86)\Red Sky
    2012-11-28 20:51:04 ----D---- C:\Users\Wahiro\AppData\Roaming\Theta
    2012-11-24 17:17:06 ----D---- C:\Program Files (x86)\Electronic Arts

    ======List of files/folders modified in the last 1 month======

    2012-12-17 00:11:38 ----D---- C:\Windows\Prefetch
    2012-12-17 00:11:29 ----RD---- C:\Program Files (x86)
    2012-12-17 00:11:21 ----D---- C:\Windows\Temp
    2012-12-16 21:51:33 ----SHD---- C:\System Volume Information
    2012-12-16 20:17:21 ----SHD---- C:\Windows\Installer
    2012-12-16 20:17:21 ----SHD---- C:\Config.Msi
    2012-12-16 20:06:09 ----A---- C:\Windows\SysWOW64\acovcnt.exe
    2012-12-13 20:11:59 ----D---- C:\Windows\rescache
    2012-12-13 11:04:08 ----D---- C:\Windows\winsxs
    2012-12-13 11:02:34 ----D---- C:\Windows\SysWOW64\sk-SK
    2012-12-13 11:02:34 ----D---- C:\Windows\SysWOW64
    2012-12-13 11:02:34 ----D---- C:\Windows\System32
    2012-12-13 11:02:30 ----D---- C:\Windows\AppPatch
    2012-12-13 11:02:29 ----D---- C:\Windows\SysWOW64\migration
    2012-12-13 11:02:29 ----D---- C:\Program Files (x86)\Internet Explorer
    2012-12-13 00:05:13 ----D---- C:\Windows\debug
    2012-12-13 00:05:06 ----D---- C:\ProgramData\Microsoft Help
    2012-12-12 17:41:42 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
    2012-12-10 17:47:42 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe
    2012-12-07 13:47:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
    2012-12-04 22:57:34 ----D---- C:\Windows
    2012-12-04 22:57:01 ----D---- C:\Windows\SysWOW64\NV
    2012-12-04 22:56:56 ----D---- C:\ProgramData\NVIDIA
    2012-12-04 22:45:45 ----D---- C:\Program Files (x86)\NVIDIA Corporation
    2012-12-04 22:45:06 ----D---- C:\Windows\inf
    2012-12-04 22:44:05 ----HD---- C:\temp
    2012-12-03 16:47:14 ----A---- C:\Windows\SysWOW64\nvumdshim.dll
    2012-12-03 16:47:14 ----A---- C:\Windows\SysWOW64\nvinit.dll
    2012-12-03 16:47:14 ----A---- C:\Windows\SysWOW64\nvapi.dll
    2012-12-01 11:51:07 ----D---- C:\Users\Wahiro\AppData\Roaming\uTorrent
    2012-12-01 11:51:07 ----D---- C:\Users\Wahiro\AppData\Roaming\DAEMON Tools Lite
    2012-11-29 20:15:17 ----D---- C:\uTorrent
    2012-11-26 12:20:21 ----SD---- C:\Users\Wahiro\AppData\Roaming\Microsoft
    2012-11-24 22:14:19 ----D---- C:\Program Files (x86)\Common Files\BioWare
    2012-11-24 22:13:58 ----RD---- C:\Users
    2012-11-24 17:14:10 ----D---- C:\Windows\Resources

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
    R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
    R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys []
    R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
    R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
    R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys []
    R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys []
    R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
    R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
    R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
    R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys []
    R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
    R2 adfs;adfs; C:\Windows\SysWOW64\drivers\adfs.sys []
    R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
    R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
    R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
    R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys []
    R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys []
    R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2011-09-20 16768]
    R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys []
    R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys []
    R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys []
    R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys []
    R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
    R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
    R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys []
    R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys []
    R3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys []
    R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
    R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys []
    R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys []
    R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys []
    R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
    R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys []
    R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\D:\Tune Up\TuneUpUtilitiesDriver64.sys [2012-02-09 11856]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
    S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys []
    S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
    S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
    S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
    S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys []
    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys []
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys []
    S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys []
    S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys []
    S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
    S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
    S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AFBAgent;AFBAgent; C:\Program Files\ASUS\Fast Boot\FBAgent.exe [2011-03-04 379520]
    R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-20 1166848]
    R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
    R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-09-29 92800]
    R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
    R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
    R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
    R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-09-16 1518352]
    R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 22072]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
    R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-03 1259880]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-09-30 75064]
    R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2012-12-10 214520]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-09-16 844560]
    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; D:\Tune Up\TuneUpUtilitiesService64.exe [2012-05-29 2143072]
    R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-04-17 134928]
    R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]
    R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
    R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
    R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-04-17 247152]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-12 250808]
    S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
    S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
    S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-12-06 115168]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-09-16 340240]
    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
    S4 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-01-14 1839616]
    S4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
    S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-06 325656]
    S4 NBService;NBService; D:\Nero 7 Ultra Edition\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
    S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
    S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
    S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
    S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
    S4 Splashtop MDES;Splashtop Meta Data Export Service; C:\ASUS.SYS\SIONExportService.exe [2011-11-30 338208]
    S4 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
    S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

    -----------------EOF-----------------







_________________
ASUS N55 SL \ GPU - NVIDIA GeForce GT 635m \ CPU - Intel(R) Core(TM) i5 - 2450M 2.50 GHz \ RAM - 4 GB \ Windows 7 Home Premium 64 - bit
Offline

User
User avatar

Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2
Posted: 18.12.2012 19:33

Download ComboFix from http://www.bleepingcomputer.com/download/combofix/, run it, and click yes / ok / agree whenever ComboFix prompts you. When it finishes, Notepad will pop up; you will have the log at C:\combofix.txt. Upload it here.


Offline

User

Registered: 28.03.12
Last login: 25.04.16
Posts: 58
Topics: 10
Location: Košice
Posted by topic author: 21.12.2012 15:09

ComboFix 12-12-20.02 - Wahiro . 12. 2012 13:33:14.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4000.1418 [GMT 1:00]
Running from: c:\users\Wahiro\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\FullRemove.exe
c:\programdata\Roaming
c:\users\Wahiro\AppData\Local\assembly\tmp
c:\windows\SysWow64\tmp7A7A.tmp
c:\windows\SysWow64\tmpC65D.tmp
c:\windows\SysWow64\tmpC69D.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-11-21 to 2012-12-21 )))))))))))))))))))))))))))))))
.
.
2012-12-21 13:56 . 2012-12-21 13:56 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-21 13:56 . 2012-12-21 13:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-20 17:37 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9DD16904-6A88-41BE-91BC-AB83D774BEB7}\mpengine.dll
2012-12-20 11:03 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-16 23:11 . 2012-12-16 23:11 -------- d-----w- C:\rsit
2012-12-16 23:11 . 2012-12-16 23:11 -------- d-----w- c:\program files (x86)\trend micro
2012-12-12 11:58 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 11:57 . 2012-10-04 17:38 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 11:57 . 2012-10-04 16:40 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 11:57 . 2012-10-04 16:40 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2012-12-12 11:57 . 2012-10-04 17:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-12-12 11:57 . 2012-10-04 14:46 2048 ----a-w- c:\windows\SysWow64\user.exe
2012-12-12 11:57 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 11:57 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-04 21:45 . 2012-12-04 21:45 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2012-12-02 13:45 . 2012-12-02 13:45 -------- d-----w- c:\program files (x86)\Protected Search
2012-12-02 13:45 . 2012-08-30 01:01 15432 ----a-w- c:\windows\Launcher.exe
2012-12-02 13:45 . 2012-12-02 13:46 -------- d-----w- c:\users\Wahiro\AppData\Local\DownTango
2012-12-02 13:45 . 2012-12-02 13:45 -------- d-----w- c:\program files (x86)\Red Sky
2012-11-28 21:00 . 2012-11-28 20:56 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8B019D11-227B-4AB0-8C12-43E620CB431E}\gapaengine.dll
2012-11-28 19:51 . 2012-11-28 19:51 -------- d-----w- c:\users\Wahiro\AppData\Roaming\Theta
2012-11-25 09:11 . 2012-11-25 09:11 -------- d-----w- c:\users\Wahiro\AppData\Local\SWTOR
2012-11-24 21:13 . 2012-11-24 21:13 -------- d-----w- c:\users\hedev
2012-11-24 16:17 . 2012-11-24 16:17 -------- d-----w- c:\program files (x86)\Electronic Arts
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-21 07:08 . 2012-06-13 13:48 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe
2012-12-12 23:05 . 2012-06-23 07:27 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-12 16:41 . 2012-09-13 12:39 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-12 16:41 . 2012-09-13 12:39 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-10 16:47 . 2012-09-30 10:13 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-12-10 16:47 . 2012-08-09 15:52 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-12-03 15:47 . 2012-06-23 13:54 983936 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-12-03 15:47 . 2012-06-23 13:54 841272 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-12-03 15:47 . 2012-06-23 13:54 2496976 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-12-03 15:47 . 2012-06-23 13:54 1805672 ----a-w- c:\windows\system32\nvdispco64.dll
2012-12-03 15:47 . 2012-06-22 22:31 245432 ----a-w- c:\windows\system32\nvinitx.dll
2012-12-03 15:47 . 2012-06-22 22:31 201136 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-12-03 15:47 . 2012-06-22 22:31 2816824 ----a-w- c:\windows\system32\nvapi64.dll
2012-12-01 05:49 . 2012-06-23 13:56 3663213 ----a-w- c:\windows\system32\nvcoproc.bin
2012-12-01 05:49 . 2012-06-23 13:56 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-12-01 05:49 . 2012-06-23 13:56 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-12-01 05:49 . 2012-06-23 13:56 55144 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-12-01 05:49 . 2012-06-23 13:56 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-01 05:49 . 2012-06-23 13:56 890216 ----a-w- c:\windows\system32\nvvsvc.exe
2012-12-01 05:49 . 2012-06-23 13:56 877928 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-12-01 05:48 . 2012-06-23 13:56 6223208 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-01 05:48 . 2012-06-23 13:56 3311464 ----a-w- c:\windows\system32\nvsvc64.dll
2012-11-04 12:47 . 2012-11-04 12:47 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-11-04 12:47 . 2012-11-04 12:47 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-10-16 08:38 . 2012-11-28 08:06 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 08:06 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 08:06 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-14 22:50 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 22:50 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 22:50 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 22:50 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-04 16:40 . 2012-12-12 11:58 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-14 22:50 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-14 22:50 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-14 22:50 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-14 22:50 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-14 22:50 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-14 22:50 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-14 22:50 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-14 22:50 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-14 22:50 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-14 22:50 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-14 22:50 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-10-02 16:40 . 2012-07-03 16:38 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-09-30 10:13 . 2012-07-19 10:12 75064 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-09-25 22:47 . 2012-11-14 22:49 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-09-25 22:46 . 2012-11-14 22:49 95744 ----a-w- c:\windows\system32\synceng.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2012-05-16 18:37 194928 ----a-w- c:\program files (x86)\Yontoo\YontooIEClient.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="d:\deamon tools\DAEMON Tools Lite\DTLite.exe" [2012-01-24 3478336]
"WebcamMaxAutoRun"="c:\program files (x86)\WebcamMax\WebcamMax.exe" [2010-08-03 6043888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-10-19 3331312]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-07-21 5716608]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-09-13 2317312]
"RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2011-03-30 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2011-10-12 222504]
"SonicMasterTray"="c:\program files (x86)\ASUS\ASUS SonicMaster\SonicMasterTray.exe" [2010-07-09 984400]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-10-20 549040]
GamePark klient 2.lnk - d:\action\GamePark2\gpcl.exe [2012-9-30 442880]
WinZip Quick Pick.lnk - d:\winzip\WZQKPICK.EXE [2007-4-11 394856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "c:\programdata\Nuance\PDF Reader\Ereg\Ereg.ini"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-09-15 299008]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-03-24 34200]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-09-16 340240]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-20 1255736]
R4 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-01-14 1839616]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R4 Splashtop MDES;Splashtop Meta Data Export Service;c:\asus.sys\SIONExportService.exe [2011-11-30 338208]
R4 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-12-03 30056]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-14 283200]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2012-12-03 284008]
S2 AFBAgent;AFBAgent;c:\program files\ASUS\Fast Boot\FBAgent.exe [2011-03-03 379520]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-20 1166848]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-09-29 92800]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;d:\tune up\TuneUpUtilitiesService64.exe [2012-05-29 2143072]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-04-16 13832]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2011-09-20 16768]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-09-15 299008]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-10-04 129512]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-10-04 394728]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-08-29 53760]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-10-10 288768]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-10-11 59904]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-03-24 25496]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-09-19 108656]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;d:\tune up\TuneUpUtilitiesDriver64.sys [2012-02-09 11856]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-13 16:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 2277992]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-09-16 1935120]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-10-18 10357008]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-11-03 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-11-03 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-11-03 416024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uSearch Page = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
uStart Page = hxxp://search.certified-toolbar.com?si= ... e&tid=2996
uDefault_Search_URL = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
mDefault_Search_URL = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
mStart Page = hxxp://search.certified-toolbar.com?si= ... e&tid=2996
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
mSearch Bar = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 88.212.8.8 88.212.8.88
FF - ProfilePath - c:\users\Wahiro\AppData\Roaming\Mozilla\Firefox\Profiles\51dpd3gv.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.certified-toolbar.com?si= ... e&tid=2996
FF - prefs.js: keyword.URL - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
FF - ExtSQL: 2012-11-08 22:50; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Wahiro\AppData\Roaming\Mozilla\Firefox\Profiles\51dpd3gv.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1217127451-1472613876-3005742002-1001\Software\SecuROM\License information*]
"datasecu"=hex:76,ef,c6,30,e2,fc,5b,19,cb,0c,aa,d8,cf,c6,05,09,30,12,fe,a1,be,
90,64,ef,71,49,fe,ea,12,19,92,a2,65,f7,04,ca,84,45,15,6e,d0,00,73,2d,64,cb,\
"rkeysecu"=hex:5f,cc,15,fc,b2,3c,cf,f3,9d,55,39,d5,d7,3e,ef,9c
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-21 15:03:51
ComboFix-quarantined-files.txt 2012-12-21 14:03
.
Pre-Run: 27 539 501 056 bytes free
Post-Run: 27 194 531 840 bytes free
.
- - End Of File - - 51251B87014B96BDC587AEB5C3CD7110







User

Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2
Posted: 21.12.2012 15:14

First of all, uninstall MSE or avast.
Check these at VirusTotal https://www.virustotal.com/:
c:\windows\SysWow64\user.exe
c:\windows\Launcher.exe


User

Registered: 28.03.12
Last login: 25.04.16
Posts: 58
Topics: 10
Location: Košice
Posted by the topic author: 22.12.2012 23:23

Why should I uninstall the antivirus? And I checked it on VirusTotal and it found nothing....







Experienced user

Registered: 24.01.08
Last login: 13.09.17
Posts: 14572
Topics: 66
Location: Žilina
Posted: 23.12.2012 0:15

Because we NEVER have more than one antivirus on a PC; it causes problems. Keep either Avast or MSE, not both.







_________________
C#, PHP, ...
User

Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2
Posted: 23.12.2012 11:17

Save ComboFix to the desktop, download cfscript from http://www.ulozto.sk/x8xvDk7/cfscript-txt, save it to the desktop, and drag cfscript onto ComboFix. The script will be applied. Post the log; you will find it at C:combofix.txt
Download MBAM from http://www.techspot.com/downloads/4716- ... lware.html, install it, run it, and do a full scan. Do not delete anything for now; post the output from the logs.


User

Registered: 28.03.12
Last login: 25.04.16
Posts: 58
Topics: 10
Location: Košice
Posted by the topic author: 25.12.2012 21:01

:D Well, I'll miss avast a bit, but my PC has visibly sped up; I don't understand how that antivirus had such an effect on the PC's speed.... As for ComboFix, I'll do it tomorrow; it takes quite a while and I don't feel like it today. It's enough if there's just a shortcut to the ComboFix application on the desktop, right? It will find the path anyway.







User

Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2
Posted: 25.12.2012 21:03

Do it properly, without a shortcut.


User

Registered: 28.03.12
Last login: 25.04.16
Posts: 58
Topics: 10
Location: Košice
Posted by the topic author: 25.12.2012 21:06

And apart from that, a small question: what is the VirtualStore folder for? I installed The Sims 2 with expansion packs; altogether it is 14 GB, and The Sims is also in that VirtualStore, taking up 7 GB, and there is only data in there? What is it there for? I read somewhere that it protects against application crashes. If I deleted The Sims from VirtualStore, even though I still have it installed elsewhere on C:, would that be a problem? Do I need to have that TS data in VirtualStore?

Sorry for the digression, I hope it doesn't matter too much :)







User

Registered: 28.03.12
Last login: 25.04.16
Posts: 58
Topics: 10
Location: Košice
Posted by the topic author: 26.12.2012 9:15

Here it is

ComboFix 12-12-20.02 - Wahiro . 12. 2012 8:59.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4000.2109 [GMT 1:00]
Running from: c:\users\Wahiro\Desktop\ComboFix.exe
Command switches used :: c:\users\Wahiro\Desktop\cfscript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk GamePark klient 2.lnk"
"c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk"
"c:\windows\Tasks\Adobe Flash Player Updater.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Yontoo
c:\program files (x86)\Yontoo\YontooIEClient.dll
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
c:\users\Wahiro\AppData\Roaming\Mozilla\Firefox\Profiles\51dpd3gv.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
c:\windows\iun6002.exe
c:\windows\msvcr71.dll
c:\windows\SysWow64\msvfd32.exe
c:\windows\Tasks\Adobe Flash Player Updater.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeFlashPlayerUpdateSvc
.
.
((((((((((((((((((((((((( Files Created from 2012-11-26 to 2012-12-26 )))))))))))))))))))))))))))))))
.
.
2012-12-26 08:05 . 2012-12-26 08:05 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-26 08:05 . 2012-12-26 08:05 -------- d-----w- c:\users\hedev\AppData\Local\temp
2012-12-26 08:05 . 2012-12-26 08:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-25 20:03 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4CB8D8A3-D4F2-4C67-BF34-72CE4A654611}\mpengine.dll
2012-12-25 14:59 . 2012-12-25 14:59 -------- d-----w- c:\programdata\InstallShield
2012-12-25 14:00 . 2012-12-25 15:05 -------- d-----w- c:\program files (x86)\Sierra
2012-12-25 11:50 . 2012-12-25 11:50 -------- d-----w- c:\users\Wahiro\AppData\Local\Focus Home Interactive
2012-12-25 11:49 . 2012-12-25 11:49 -------- d-----w- c:\program files (x86)\Focus Home Interactive
2012-12-25 08:59 . 2012-12-25 08:59 -------- d-----w- c:\programdata\Tages
2012-12-25 08:52 . 2012-12-25 08:52 -------- d-----w- c:\programdata\Solidshield
2012-12-25 08:38 . 2012-12-25 08:38 43680 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2012-12-25 08:38 . 2012-12-25 08:38 314016 ----a-w- c:\windows\system32\drivers\atksgt.sys
2012-12-25 08:38 . 2009-03-09 14:27 520544 ----a-w- c:\windows\system32\d3dx10_41.dll
2012-12-25 08:38 . 2009-03-09 14:27 2430312 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2012-12-25 08:38 . 2009-03-09 14:27 5425496 ----a-w- c:\windows\system32\D3DX9_41.dll
2012-12-25 08:38 . 2009-03-09 14:27 4178264 ----a-w- c:\windows\SysWow64\D3DX9_41.dll
2012-12-25 08:38 . 2009-03-16 13:18 521560 ----a-w- c:\windows\system32\XAudio2_4.dll
2012-12-25 08:38 . 2009-03-16 13:18 517448 ----a-w- c:\windows\SysWow64\XAudio2_4.dll
2012-12-25 08:29 . 2012-12-25 08:29 -------- d-----w- c:\program files (x86)\Ubisoft
2012-12-24 17:54 . 2012-12-24 17:54 -------- d-----w- c:\programdata\Age of Empires 3
2012-12-24 11:29 . 2012-12-24 11:29 -------- d-----w- c:\program files (x86)\Alcohol Soft
2012-12-24 11:00 . 2012-12-24 18:35 -------- d-----w- c:\program files (x86)\Common Files\Microsoft Games
2012-12-24 10:48 . 2012-12-24 12:35 -------- d-----w- c:\users\Wahiro\AppData\Roaming\Microsoft Games
2012-12-24 10:48 . 2012-12-24 12:35 -------- d-----w- c:\programdata\Microsoft Games
2012-12-24 10:46 . 2012-12-24 18:44 -------- d-----w- c:\program files (x86)\Microsoft Games
2012-12-24 10:11 . 2012-12-24 10:11 -------- d-----w- c:\programdata\Orbit
2012-12-24 09:58 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-23 16:20 . 2012-12-23 16:20 -------- d-----w- c:\program files (x86)\Microsoft WSE
2012-12-23 12:12 . 2012-12-23 12:13 -------- d-----w- c:\program files (x86)\GoforFiles
2012-12-23 12:12 . 2012-12-23 12:12 -------- d-----w- c:\users\Wahiro\AppData\Roaming\GoforFiles
2012-12-23 11:30 . 2006-03-31 11:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
2012-12-23 10:27 . 2012-12-23 10:27 -------- d-----w- c:\program files\EA GAMES
2012-12-22 22:36 . 2012-12-22 23:21 -------- d-----w- c:\program files (x86)\EA GAMES
2012-12-22 18:11 . 2012-12-23 11:37 -------- d-----w- c:\users\Wahiro\AppData\Roaming\Atari
2012-12-22 17:27 . 2002-12-05 13:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2012-12-22 17:27 . 2002-12-02 14:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2012-12-22 17:27 . 2002-12-02 12:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2012-12-22 17:27 . 2002-12-02 12:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2012-12-22 17:27 . 2012-12-22 17:27 282756 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2012-12-22 17:27 . 2012-12-22 17:27 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2012-12-22 17:27 . 2002-12-05 13:12 692224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2012-12-22 15:36 . 2006-10-13 08:01 720896 ----a-w- c:\windows\EAInstall.dll
2012-12-22 10:04 . 2012-12-24 19:22 -------- d-----w- c:\program files (x86)\Cossacks - The Art Of War
2012-12-22 10:00 . 2012-12-22 10:20 -------- d-----w- c:\program files (x86)\Cossacks
2012-12-22 09:59 . 2012-12-22 09:59 158720 ----a-w- c:\windows\SysWow64\unrar.dll
2012-12-21 23:25 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 23:24 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 23:24 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 23:24 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 23:11 . 2012-12-16 23:11 -------- d-----w- C:\rsit
2012-12-16 23:11 . 2012-12-16 23:11 -------- d-----w- c:\program files (x86)\trend micro
2012-12-12 11:58 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 11:57 . 2012-10-04 17:38 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 11:57 . 2012-10-04 16:40 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 11:57 . 2012-10-04 16:40 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2012-12-12 11:57 . 2012-10-04 17:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-12-12 11:57 . 2012-10-04 14:46 2048 ----a-w- c:\windows\SysWow64\user.exe
2012-12-12 11:57 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 11:57 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-04 21:45 . 2012-12-04 21:45 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2012-12-02 13:45 . 2012-12-02 13:45 -------- d-----w- c:\program files (x86)\Protected Search
2012-12-02 13:45 . 2012-08-30 01:01 15432 ----a-w- c:\windows\Launcher.exe
2012-12-02 13:45 . 2012-12-02 13:46 -------- d-----w- c:\users\Wahiro\AppData\Local\DownTango
2012-12-02 13:45 . 2012-12-02 13:45 -------- d-----w- c:\program files (x86)\Red Sky
2012-11-28 21:00 . 2012-11-28 20:56 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8B019D11-227B-4AB0-8C12-43E620CB431E}\gapaengine.dll
2012-11-28 19:51 . 2012-11-28 19:51 -------- d-----w- c:\users\Wahiro\AppData\Roaming\Theta
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-26 08:06 . 2012-06-13 13:48 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe
2012-12-24 10:13 . 2012-07-19 10:12 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-12-24 10:13 . 2012-09-30 10:13 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-12-24 10:13 . 2012-08-09 15:52 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-12-12 23:05 . 2012-06-23 07:27 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-12 16:41 . 2012-09-13 12:39 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-12 16:41 . 2012-09-13 12:39 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-03 15:47 . 2012-06-23 13:54 983936 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-12-03 15:47 . 2012-06-23 13:54 841272 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-12-03 15:47 . 2012-06-23 13:54 2496976 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-12-03 15:47 . 2012-06-23 13:54 1805672 ----a-w- c:\windows\system32\nvdispco64.dll
2012-12-03 15:47 . 2012-06-22 22:31 245432 ----a-w- c:\windows\system32\nvinitx.dll
2012-12-03 15:47 . 2012-06-22 22:31 201136 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-12-03 15:47 . 2012-06-22 22:31 2816824 ----a-w- c:\windows\system32\nvapi64.dll
2012-12-01 05:49 . 2012-06-23 13:56 3663213 ----a-w- c:\windows\system32\nvcoproc.bin
2012-12-01 05:49 . 2012-06-23 13:56 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-12-01 05:49 . 2012-06-23 13:56 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-12-01 05:49 . 2012-06-23 13:56 55144 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-12-01 05:49 . 2012-06-23 13:56 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-01 05:49 . 2012-06-23 13:56 890216 ----a-w- c:\windows\system32\nvvsvc.exe
2012-12-01 05:49 . 2012-06-23 13:56 877928 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-12-01 05:48 . 2012-06-23 13:56 6223208 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-01 05:48 . 2012-06-23 13:56 3311464 ----a-w- c:\windows\system32\nvsvc64.dll
2012-11-04 12:47 . 2012-11-04 12:47 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-11-04 12:47 . 2012-11-04 12:47 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-10-30 22:50 . 2012-09-03 18:32 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-16 08:38 . 2012-11-28 08:06 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 08:06 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 08:06 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-14 22:50 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 22:50 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 22:50 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 22:50 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-04 16:40 . 2012-12-12 11:58 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-14 22:50 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-14 22:50 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-14 22:50 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-14 22:50 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-14 22:50 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-14 22:50 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-14 22:50 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-14 22:50 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-14 22:50 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-14 22:50 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-14 22:50 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-10-02 16:40 . 2012-07-03 16:38 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WebcamMaxAutoRun"="c:\program files (x86)\WebcamMax\WebcamMax.exe" [2010-08-03 6043888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-10-19 3331312]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-07-21 5716608]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-09-13 2317312]
"SonicMasterTray"="c:\program files (x86)\ASUS\ASUS SonicMaster\SonicMasterTray.exe" [2010-07-09 984400]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-10-20 549040]
GamePark klient 2.lnk - d:\action\GamePark2\gpcl.exe [2012-9-30 442880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "c:\programdata\Nuance\PDF Reader\Ereg\Ereg.ini"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-09-15 299008]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-03-24 34200]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-09-16 340240]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-20 1255736]
R4 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-01-14 1839616]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R4 Splashtop MDES;Splashtop Meta Data Export Service;c:\asus.sys\SIONExportService.exe [2011-11-30 338208]
R4 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-12-03 30056]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-14 283200]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2012-12-03 284008]
S2 AFBAgent;AFBAgent;c:\program files\ASUS\Fast Boot\FBAgent.exe [2011-03-03 379520]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-20 1166848]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-09-29 92800]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;d:\tune up\TuneUpUtilitiesService64.exe [2012-05-29 2143072]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-04-16 13832]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2011-09-20 16768]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-09-15 299008]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-10-04 129512]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-10-04 394728]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-08-29 53760]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-10-10 288768]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-10-11 59904]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-03-24 25496]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-09-19 108656]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;d:\tune up\TuneUpUtilitiesDriver64.sys [2012-02-09 11856]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 2277992]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-09-16 1935120]
"SynAsusAcpi"="c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe" [BU]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-10-18 10357008]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-11-03 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-11-03 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-11-03 416024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.certified-toolbar.com?si= ... e&tid=2996
uDefault_Search_URL = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
mDefault_Search_URL = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
mStart Page = hxxp://search.certified-toolbar.com?si= ... e&tid=2996
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
mSearch Bar = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 88.212.8.8 88.212.8.88
FF - ProfilePath - c:\users\Wahiro\AppData\Roaming\Mozilla\Firefox\Profiles\51dpd3gv.default\
FF - ExtSQL: 2012-11-08 22:50; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Wahiro\AppData\Roaming\Mozilla\Firefox\Profiles\51dpd3gv.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files (x86)\Yontoo\YontooIEClient.dll
Toolbar-Locked - (no file)
AddRemove-Super_nude_patch_II_1.0 - c:\windows\iun6002.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\InstantOn\InsOnWMI.exe
c:\program files (x86)\ASUS\FaceLogon\sensorsrv.exe
c:\program files (x86)\Protected Search\ProtectedSearch.exe
c:\program files (x86)\ASUS\Splendid\ACMON.exe
c:\program files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\windows\SysWOW64\ACEngSvr.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Completion time: 2012-12-26 09:12:09 - machine was rebooted
ComboFix-quarantined-files.txt 2012-12-26 08:12
ComboFix2.txt 2012-12-21 14:03
.
Pre-Run: 21 814 435 840 bytes free
Post-Run: 21 278 642 176 bytes free
.
- - End Of File - - AB3D10F6F7D7EF5E8EFE6F3BBB92FE0B







Posted: 26.12.2012 10:47

continue on with MBAM


Posted by topic author: 26.12.2012 12:31

and malware


Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Verzia databázy: v2012.12.26.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Wahiro :: WAHIRO-PC [administrátor]

26. 12. 2012 9:19:01
mbam-log-2012-12-26 (11-37-55).txt

Typ kontroly: Úplná kontrola (C:\|D:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 478279
Uplynutý čas: 1 hod, 18 min, 8 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 8
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Škodlivý: (http://search.certified-toolbar.com?si= ... e&tid=2996) Dobrý: (http://www.google.com) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Škodlivý: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Škodlivý: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com/) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Škodlivý: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Škodlivý: (http://search.certified-toolbar.com?si= ... e&tid=2996) Dobrý: (http://www.google.com) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Škodlivý: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Škodlivý: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Škodlivý: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com/) -> Žiadna úloha nevykonaná.

Detegované priečinky: 1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search (PUP.ProtectedSearch) -> Žiadna úloha nevykonaná.

Detegované súbory: 3
C:\Qoobox\Quarantine\C\Windows\SysWOW64\msvfd32.exe.vir (Trojan.Clicker.CT) -> Žiadna úloha nevykonaná.
D:\uTorrent\Medal Of Honor Limited Edition-NoGrp\Crack tento je dobry a keygen\moh10\TRiViUM\Binaries\loader.dll (Riskware.Tool.CK) -> Žiadna úloha nevykonaná.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search\Protected Search Settings.lnk (PUP.ProtectedSearch) -> Žiadna úloha nevykonaná.

(koniec)


and two checkboxes were not ticked, they were some PUP protected items; since the program did not tick them, I did not either...







Posted: 26.12.2012 12:33

delete everything, then use adwcleaner http://www.bleepingcomputer.com/download/adwcleaner/ run it and use the Delete button, then post the log from C:


Posted by topic author: 26.12.2012 13:58

do you mean the one from combofix.txt?







Posted: 26.12.2012 15:13

no, I mean adwcleaner.txt, you have already done the MBAM, send the log


Posted by topic author: 26.12.2012 16:29

I have already removed them in MBAM

here is adwcleaner



# AdwCleaner v2.103 - Logfile created 12/26/2012 at 16:25:01
# Updated 25/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Wahiro - WAHIRO-PC
# Boot Mode : Normal
# Running from : C:\Users\Wahiro\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\user.js
File Deleted : C:\Users\Wahiro\AppData\Roaming\Mozilla\Firefox\Profiles\51dpd3gv.default\searchplugins\Web Search.xml
File Deleted : C:\Users\Wahiro\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\Web Search.xml
File Deleted : C:\Users\Wahiro\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\searchplugins\Web Search.xml
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Wahiro\AppData\LocalLow\incredibar.com
Folder Deleted : C:\Users\Wahiro\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Wahiro\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\Wahiro\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\Wahiro\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\plugin@yontoo.com
Folder Deleted : C:\Users\Wahiro\AppData\Roaming\yourfiledownloader

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BrowserMngr
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Web Assistant
Key Deleted : HKU\S-1-5-21-1217127451-1472613876-3005742002-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKU\S-1-5-21-1217127451-1472613876-3005742002-1004\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKU\S-1-5-21-1217127451-1472613876-3005742002-1004\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKU\S-1-5-21-1217127451-1472613876-3005742002-1004\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKU\S-1-5-21-1217127451-1472613876-3005742002-1004\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si= ... e&tid=2996 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://newtab.certified-toolbar.com/nie ... 6&new=true --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si= ... e&tid=2996 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si= ... e&tid=2996 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si= ... bs=true&q= --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si= ... bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si= ... e&tid=2996 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si= ... e&tid=2996 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si= ... bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si= ... bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si= ... e&tid=2996 --> hxxp://www.google.com

-\\ Mozilla Firefox v17.0.1 (en-US)

File : C:\Users\Wahiro\AppData\Roaming\Mozilla\Firefox\Profiles\51dpd3gv.default\prefs.js

C:\Users\Wahiro\AppData\Roaming\Mozilla\Firefox\Profiles\51dpd3gv.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultengine", "Web Search");
Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Deleted : user_pref("browser.search.order.1", "Web Search");

File : C:\Users\Wahiro\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js

C:\Users\Wahiro\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Deleted : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=41460&tid=2996&bs=true&q=");
Deleted : user_pref("browser.search.defaultengine", "Web Search");
Deleted : user_pref("browser.search.order.1", "Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=41460&home=true&tid=29[...]

File : C:\Users\Wahiro\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\prefs.js

Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Deleted : user_pref("browser.search.defaultengine", "Web Search");
Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Deleted : user_pref("browser.search.order.1", "Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=41460&home=true&tid=29[...]
Deleted : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=41460&tid=2996&bs=true&q=");

*************************

AdwCleaner[S1].txt - [11306 octets] - [26/12/2012 16:25:01]

########## EOF - C:\AdwCleaner[S1].txt - [11367 octets] ##########







Posted: 26.12.2012 16:34

uninstall MBAM, and in adwcleaner click Uninstall
post a new log from RSIT


Posted by topic author: 26.12.2012 20:28

Logfile of random's system information tool 1.09 (written by random/random)
Run by Wahiro at 2012-12-26 20:28:30
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 17 GB (9%) free of 200 GB
Total RAM: 4000 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:28:33, on 26. 12. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS SonicMaster\SonicMasterTray.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
D:\uTorrent\uTorrent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Users\Wahiro\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Wahiro.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\ASUS SonicMaster\SonicMasterTray.exe
O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files (x86)\WebcamMax\WebcamMax.exe" -a
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Deamon tools\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-21-1217127451-1472613876-3005742002-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1217127451-1472613876-3005742002-1004\..\Run: [DAEMON Tools Lite] "D:\Deamon tools\DAEMON Tools Lite\DTLite.exe" -autorun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1217127451-1472613876-3005742002-1004\..\Run: [RAVCpl32.exe] C:\Users\UpdatusUser\AppData\Roaming\Realtek Semiconductor\Realtek HD Audio Manager\1.0.0.653\RAVCpl32.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1217127451-1472613876-3005742002-1004\..\Run: [Skype] "D:\Skype 5.9\Phone\Skype.exe" /minimized /regrun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1217127451-1472613876-3005742002-1004\..\Run: [WebcamMaxAutoRun] "C:\Program Files (x86)\WebcamMax\WebcamMax.exe" -a (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1217127451-1472613876-3005742002-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: GamePark klient 2.lnk = D:\Action\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll
O23 - Service: AFBAgent - ASUSTeK Computer Inc. - C:\Program Files\ASUS\Fast Boot\FBAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Tune Up\TuneUpUtilitiesService64.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11023 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Wahiro\AppData\Roaming\Mozilla\Firefox\Profiles\51dpd3gv.default

prefs.js - "browser.search.useDBForOrder" - false

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.135 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\ZEON/PDF,version=2.0]
"Description"=
"Path"=C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
amazondotcom.xml
bing.xml
eBay.xml
google.xml
twitter.xml
Web Search.xml
wikipedia.xml
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-10-19 3331312]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [2011-07-29 737104]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-21 5716608]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2011-09-13 2317312]
"SonicMasterTray"=C:\Program Files (x86)\ASUS\ASUS SonicMaster\SonicMasterTray.exe [2010-07-09 984400]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WebcamMaxAutoRun"=C:\Program Files (x86)\WebcamMax\WebcamMax.exe [2010-08-03 6043888]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"DAEMON Tools Lite"=D:\Deamon tools\DAEMON Tools Lite\DTLite.exe [2012-01-24 3478336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
GamePark klient 2.lnk - D:\Action\GamePark2\gpcl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" c:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"msacm.lhacm"=lhacm.acm
"msacm.vorbis"=vorbis.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-12-26 18:18:36 ----D---- C:\Program Files (x86)\SEGA
2012-12-26 09:18:24 ----D---- C:\Users\Wahiro\AppData\Roaming\Malwarebytes
2012-12-26 09:18:09 ----D---- C:\ProgramData\Malwarebytes
2012-12-26 09:18:07 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-12-26 09:12:11 ----D---- C:\Windows\temp
2012-12-26 09:12:09 ----A---- C:\ComboFix.txt
2012-12-26 09:07:09 ----D---- C:\$RECYCLE.BIN
2012-12-25 15:59:29 ----D---- C:\ProgramData\InstallShield
2012-12-25 15:00:57 ----D---- C:\Program Files (x86)\Sierra
2012-12-25 12:49:58 ----D---- C:\Program Files (x86)\Focus Home Interactive
2012-12-25 09:59:50 ----D---- C:\ProgramData\Tages
2012-12-25 09:52:33 ----D---- C:\ProgramData\Solidshield
2012-12-25 09:38:03 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll
2012-12-25 09:38:00 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll
2012-12-25 09:37:59 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll
2012-12-25 09:37:58 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll
2012-12-25 09:37:55 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll
2012-12-25 09:37:52 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2012-12-25 09:37:44 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll
2012-12-25 09:37:44 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll
2012-12-25 09:37:39 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2012-12-25 09:37:39 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2012-12-25 09:37:37 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll
2012-12-25 09:37:36 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2012-12-25 09:37:34 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2012-12-25 09:37:34 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2012-12-25 09:37:29 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2012-12-25 09:37:28 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2012-12-25 09:37:27 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll
2012-12-25 09:37:26 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2012-12-25 09:37:23 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2012-12-25 09:37:23 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2012-12-25 09:37:18 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2012-12-24 18:54:16 ----D---- C:\ProgramData\Age of Empires 3
2012-12-24 12:29:44 ----D---- C:\Program Files (x86)\Alcohol Soft
2012-12-24 12:00:01 ----D---- C:\Program Files (x86)\Common Files\Microsoft Games
2012-12-24 11:48:51 ----D---- C:\Users\Wahiro\AppData\Roaming\Microsoft Games
2012-12-24 11:48:51 ----D---- C:\ProgramData\Microsoft Games
2012-12-24 11:46:52 ----D---- C:\Program Files (x86)\Microsoft Games
2012-12-24 11:11:27 ----D---- C:\ProgramData\Orbit
2012-12-23 17:20:30 ----D---- C:\Program Files (x86)\Microsoft WSE
2012-12-23 13:12:18 ----D---- C:\Users\Wahiro\AppData\Roaming\GoforFiles
2012-12-23 13:12:18 ----D---- C:\Program Files (x86)\GoforFiles
2012-12-23 12:31:33 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2012-12-23 12:31:31 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2012-12-23 12:31:31 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2012-12-23 12:31:29 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2012-12-23 12:31:28 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2012-12-23 12:31:26 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2012-12-23 12:31:26 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2012-12-23 12:31:24 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2012-12-23 12:31:23 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2012-12-23 12:31:23 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2012-12-23 12:31:21 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2012-12-23 12:31:21 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2012-12-23 12:31:20 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2012-12-23 12:31:19 ----A---- C:\Windows\SysWOW64\xinput1_3.dll
2012-12-23 12:31:18 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2012-12-23 12:31:16 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2012-12-23 12:31:16 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2012-12-23 12:31:14 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2012-12-23 12:31:14 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll
2012-12-23 12:31:12 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2012-12-23 12:31:11 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2012-12-23 12:31:09 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2012-12-23 12:31:09 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2012-12-23 12:31:07 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2012-12-23 12:31:06 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2012-12-23 12:31:06 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2012-12-23 12:31:05 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2012-12-23 12:31:04 ----A---- C:\Windows\SysWOW64\xinput1_1.dll
2012-12-23 12:31:03 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll
2012-12-23 12:30:54 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2012-12-23 12:30:52 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2012-12-23 12:30:52 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll
2012-12-23 12:30:51 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2012-12-23 12:30:48 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2012-12-23 12:30:46 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2012-12-23 12:30:44 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2012-12-23 12:30:40 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2012-12-22 23:36:39 ----D---- C:\Program Files (x86)\EA GAMES
2012-12-22 19:11:16 ----D---- C:\Users\Wahiro\AppData\Roaming\Atari
2012-12-22 16:36:18 ----A---- C:\Windows\EAInstall.dll
2012-12-22 11:04:11 ----D---- C:\Program Files (x86)\Cossacks - The Art Of War
2012-12-22 11:00:02 ----D---- C:\Program Files (x86)\Cossacks
2012-12-22 10:59:27 ----A---- C:\Windows\SysWOW64\unrar.dll
2012-12-22 00:25:00 ----A---- C:\Windows\SysWOW64\atmlib.dll
2012-12-22 00:24:55 ----A---- C:\Windows\SysWOW64\atmfd.dll
2012-12-21 13:31:10 ----A---- C:\Windows\zip.exe
2012-12-21 13:31:10 ----A---- C:\Windows\SWSC.exe
2012-12-21 13:31:10 ----A---- C:\Windows\SWREG.exe
2012-12-21 13:31:10 ----A---- C:\Windows\sed.exe
2012-12-21 13:31:10 ----A---- C:\Windows\PEV.exe
2012-12-21 13:31:10 ----A---- C:\Windows\NIRCMD.exe
2012-12-21 13:31:10 ----A---- C:\Windows\MBR.exe
2012-12-21 13:31:10 ----A---- C:\Windows\grep.exe
2012-12-21 13:30:52 ----D---- C:\Qoobox
2012-12-21 13:30:31 ----D---- C:\Windows\erdnt
2012-12-17 00:11:29 ----D---- C:\rsit
2012-12-17 00:11:29 ----D---- C:\Program Files (x86)\trend micro
2012-12-13 00:03:20 ----A---- C:\Windows\SysWOW64\vbscript.dll
2012-12-13 00:03:20 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2012-12-13 00:03:19 ----A---- C:\Windows\SysWOW64\ieui.dll
2012-12-13 00:03:18 ----A---- C:\Windows\SysWOW64\url.dll
2012-12-13 00:03:18 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2012-12-13 00:03:17 ----A---- C:\Windows\SysWOW64\urlmon.dll
2012-12-13 00:03:15 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2012-12-13 00:03:14 ----A---- C:\Windows\SysWOW64\wininet.dll
2012-12-13 00:03:13 ----A---- C:\Windows\SysWOW64\jscript9.dll
2012-12-13 00:03:13 ----A---- C:\Windows\SysWOW64\jscript.dll
2012-12-13 00:03:12 ----A---- C:\Windows\SysWOW64\iertutil.dll
2012-12-13 00:03:11 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2012-12-13 00:03:09 ----A---- C:\Windows\SysWOW64\mshtml.dll
2012-12-13 00:03:05 ----A---- C:\Windows\SysWOW64\ieframe.dll
2012-12-12 12:58:40 ----A---- C:\Windows\SysWOW64\tzres.dll
2012-12-12 12:58:20 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2012-12-12 12:58:20 ----A---- C:\Windows\SysWOW64\kernel32.dll
2012-12-12 12:58:18 ----A---- C:\Windows\SysWOW64\setup16.exe
2012-12-12 12:58:16 ----A---- C:\Windows\SysWOW64\wow32.dll
2012-12-12 12:58:16 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2012-12-12 12:58:13 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-12 12:58:13 ----A---- C:\Windows\SysWOW64\instnm.exe
2012-12-12 12:58:11 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-12 12:58:11 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-12-12 12:58:10 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-12-12 12:58:10 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-12-12 12:58:10 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-12 12:58:08 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-12-12 12:58:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-12 12:58:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-12 12:58:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-12-12 12:58:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-12-12 12:58:06 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-12 12:58:06 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-12 12:58:06 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-12-12 12:58:06 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-12 12:58:06 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-12-12 12:58:05 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-12-12 12:58:05 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-12 12:58:05 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-12-12 12:58:04 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-12-12 12:58:04 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-12-12 12:58:03 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-12-12 12:58:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-12-12 12:58:01 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-12-12 12:58:01 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-12-12 12:58:01 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-12 12:57:57 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 12:57:57 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-12-12 12:57:50 ----A---- C:\Windows\SysWOW64\user.exe
2012-12-12 12:57:38 ----A---- C:\Windows\SysWOW64\dpnet.dll
2012-12-06 15:37:56 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-12-04 22:45:45 ----D---- C:\Program Files (x86)\AGEIA Technologies
2012-12-04 22:41:41 ----A---- C:\Windows\SysWOW64\nvcompiler.dll
2012-12-04 22:41:40 ----A---- C:\Windows\SysWOW64\nvopencl.dll
2012-12-04 22:41:40 ----A---- C:\Windows\SysWOW64\nvoglv32.dll
2012-12-04 22:41:40 ----A---- C:\Windows\SysWOW64\nvcuvenc.dll
2012-12-04 22:41:40 ----A---- C:\Windows\SysWOW64\nvcuda.dll
2012-12-04 22:41:37 ----A---- C:\Windows\SysWOW64\nvwgf2um.dll
2012-12-04 22:41:37 ----A---- C:\Windows\SysWOW64\nvd3dum.dll
2012-12-04 22:41:37 ----A---- C:\Windows\SysWOW64\nvcuvid.dll
2012-12-02 14:45:57 ----D---- C:\Program Files (x86)\Protected Search
2012-12-02 14:45:49 ----A---- C:\Windows\Launcher.exe
2012-12-02 14:45:47 ----A---- C:\SetSearchAndHomepageInBrowserLog.txt
2012-12-02 14:45:34 ----D---- C:\Program Files (x86)\Red Sky
2012-11-28 20:51:04 ----D---- C:\Users\Wahiro\AppData\Roaming\Theta

======List of files/folders modified in the last 1 month======

2012-12-26 20:28:30 ----D---- C:\Users\Wahiro\AppData\Roaming\uTorrent
2012-12-26 19:17:25 ----D---- C:\uTorrent
2012-12-26 18:44:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-12-26 18:44:40 ----SHD---- C:\System Volume Information
2012-12-26 18:18:36 ----RD---- C:\Program Files (x86)
2012-12-26 16:27:04 ----A---- C:\Windows\SysWOW64\acovcnt.exe
2012-12-26 16:25:02 ----D---- C:\ProgramData
2012-12-26 16:18:46 ----SHD---- C:\Windows\Installer
2012-12-26 16:18:46 ----D---- C:\Config.Msi
2012-12-26 16:18:33 ----D---- C:\ProgramData\Media Center Programs
2012-12-26 15:53:26 ----D---- C:\Windows
2012-12-26 15:51:55 ----D---- C:\Users\Wahiro\AppData\Roaming\DAEMON Tools Lite
2012-12-26 14:00:21 ----D---- C:\Windows\System32
2012-12-26 14:00:21 ----D---- C:\Windows\inf
2012-12-26 12:32:07 ----D---- C:\Users\Wahiro\AppData\Roaming\Ubisoft
2012-12-26 09:07:12 ----A---- C:\Windows\system.ini
2012-12-26 09:04:52 ----D---- C:\Windows\Tasks
2012-12-26 09:04:52 ----D---- C:\Windows\SysWOW64
2012-12-26 09:03:20 ----D---- C:\Windows\SysWOW64\drivers
2012-12-26 09:03:20 ----D---- C:\Windows\AppPatch
2012-12-26 09:03:19 ----D---- C:\Program Files (x86)\Common Files
2012-12-26 08:43:14 ----D---- C:\ProgramData\AVAST Software
2012-12-26 00:29:43 ----D---- C:\Windows\Logs
2012-12-26 00:29:43 ----D---- C:\Windows\debug
2012-12-25 09:36:39 ----RSD---- C:\Windows\assembly
2012-12-25 09:19:10 ----D---- C:\Windows\Microsoft.NET
2012-12-24 23:43:29 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2012-12-24 23:38:17 ----D---- C:\Windows\SysWOW64\en-US
2012-12-24 19:53:33 ----D---- C:\Windows\winsxs
2012-12-24 11:13:34 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe
2012-12-24 11:13:05 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe
2012-12-23 17:20:31 ----SD---- C:\Users\Wahiro\AppData\Roaming\Microsoft
2012-12-23 12:31:37 ----D---- C:\Program Files (x86)\Electronic Arts
2012-12-23 11:27:49 ----RD---- C:\Program Files
2012-12-21 20:21:00 ----D---- C:\ProgramData\YTD Video Downloader
2012-12-21 13:30:37 ----D---- C:\Windows\Prefetch
2012-12-13 20:11:59 ----D---- C:\Windows\rescache
2012-12-13 11:02:34 ----D---- C:\Windows\SysWOW64\sk-SK
2012-12-13 11:02:29 ----D---- C:\Windows\SysWOW64\migration
2012-12-13 11:02:29 ----D---- C:\Program Files (x86)\Internet Explorer
2012-12-13 00:05:06 ----D---- C:\ProgramData\Microsoft Help
2012-12-12 17:41:42 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-12-07 13:47:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-12-04 22:57:01 ----D---- C:\Windows\SysWOW64\NV
2012-12-04 22:56:56 ----D---- C:\ProgramData\NVIDIA
2012-12-04 22:45:45 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2012-12-04 22:44:05 ----D---- C:\temp
2012-12-03 16:47:14 ----A---- C:\Windows\SysWOW64\nvumdshim.dll
2012-12-03 16:47:14 ----A---- C:\Windows\SysWOW64\nvinit.dll
2012-12-03 16:47:14 ----A---- C:\Windows\SysWOW64\nvapi.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R1 MpKsl4414f2aa;MpKsl4414f2aa; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FDDC0DCB-A3D5-4C0A-A99F-EC144AB85603}\MpKsl4414f2aa.sys [2012-12-26 35664]
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 adfs;adfs; C:\Windows\SysWOW64\drivers\adfs.sys []
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys []
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys []
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2011-09-20 16768]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys []
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys []
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys []
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys []
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys []
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys []
R3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys []
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys []
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys []
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys []
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\D:\Tune Up\TuneUpUtilitiesDriver64.sys [2012-02-09 11856]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys []
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys []
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys []
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys []
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Program Files\ASUS\Fast Boot\FBAgent.exe [2011-03-04 379520]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-20 1166848]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-09-29 92800]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-09-16 1518352]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 22072]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-03 1259880]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-12-24 76888]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-09-16 844560]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; D:\Tune Up\TuneUpUtilitiesService64.exe [2012-05-29 2143072]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-04-17 134928]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-04-17 247152]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]







Posted: 26.12.2012 20:48

Open HJT: C:\Program Files (x86)\trend micro\Wahiro.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Deamon tools\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: GamePark klient 2.lnk = D:\Action\GamePark2\gpcl.exe

Tick these entries and press Fix checked.
Download OTC http://www.geekstogo.com/forum/files/fi ... -clean-it/, run it and press Clean up.

Download CCleaner http://www.piriform.com/ccleaner/download, clean up and repair the registry.
Download Defraggler http://www.piriform.com/defraggler and defragment the disk.
Write what the PC does.


Posted by the topic author: 29.12.2012 10:17

OK, I defragmented. What do you mean by "write what the PC does"? :)







Posted: 29.12.2012 11:52

Whether it's better or not.


Posted by the topic author: 29.12.2012 16:34

From all of this I can't tell... since we started dealing with this, the desktop has always loaded fine. And I do things like CCleaner and TuneUp Utilities from time to time: I clean the registry, defragment and so on. I've noticed a faster PC since I uninstalled Avast. So if that's everything, I want to thank you very much for helping me :)






